WO2006017757A3 - Enhanced security using service provider authentication - Google Patents

Enhanced security using service provider authentication

Publication number
WO2006017757A3
Authority
WO
WIPO (PCT)
Prior art keywords
application
service provider
carrier
network node
enhanced security
Prior art date
Application number
PCT/US2005/027936
Other languages
French (fr)
Other versions
WO2006017757A2 (en)
Inventor
Ji Xiao
Jyh-Han Lin
Ronald R Smith
Ruiqiang Zhuang
Original Assignee
Motorola Inc
Ji Xiao
Jyh-Han Lin
Ronald R Smith
Ruiqiang Zhuang
Priority date
Filing date
Publication date
Application filed by Motorola Inc, Ji Xiao, Jyh-Han Lin, Ronald R Smith, Ruiqiang Zhuang
Priority to EP05782711.5A (EP1776799B1)
Publication of WO2006017757A2
Publication of WO2006017757A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H04W12/086 Access security using security domains
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Abstract

A method (100) and an apparatus (210) for providing enhanced security using service provider authentication. In addition to authenticating an application signature (245) against a root certificate (235) stored on the network node (210), a first carrier identification (250) associated with the application (240) is compared to a second carrier identification (255). If the first and second carrier identifications match, then the application can be assigned to a trusted protection domain and granted permissions which provide privileged access to the network node. For example, the application can be granted permission to be installed and/or executed on the network node. Otherwise the application can be denied privileged access. Accordingly, a carrier's applications will only be installed onto network nodes that are intended recipients of the applications.
PCT/US2005/027936 2004-08-06 2005-08-05 Enhanced security using service provider authentication WO2006017757A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP05782711.5A EP1776799B1 (en) 2004-08-06 2005-08-05 Enhanced security using service provider authentication

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/913,919 US9313214B2 (en) 2004-08-06 2004-08-06 Enhanced security using service provider authentication
US10/913,919 2004-08-06

Publications (2)

Publication Number Publication Date
WO2006017757A2 (en) 2006-02-16
WO2006017757A3 (en) 2006-06-08

Family

ID=35759064

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/027936 WO2006017757A2 (en) 2004-08-06 2005-08-05 Enhanced security using service provider authentication

Country Status (4)

Country Link
US (1) US9313214B2 (en)
EP (1) EP1776799B1 (en)
CN (1) CN1993921A (en)
WO (1) WO2006017757A2 (en)

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2415860B (en) * 2004-06-30 2007-04-18 Nokia Corp A method of providing a radio service at a remote terminal
US20060030315A1 (en) * 2004-08-06 2006-02-09 Christopher Smith Method and system for provisioning wireless services using SIM information
US7516477B2 (en) * 2004-10-21 2009-04-07 Microsoft Corporation Method and system for ensuring that computer programs are trustworthy
US20060141962A1 (en) * 2004-12-23 2006-06-29 Sony Ericsson Mobile Communications Ab Selecting/acquiring desired multimedia content
KR100765772B1 (en) * 2005-11-04 2007-10-15 삼성전자주식회사 Class library footprint file and method for authenticating JAVA application
WO2007074565A1 (en) * 2005-12-27 2007-07-05 Nec Corporation Program execution control method, device, and execution control program
US20100229242A1 (en) * 2006-02-21 2010-09-09 Nec Corporation Program execution control system, program execution control method and computer program for program execution control
CN101513008B (en) 2006-07-31 2012-09-19 意大利电信股份公司 System for implementing safety of telecommunication terminal
US8850209B2 (en) 2006-09-12 2014-09-30 Microsoft Corporation Schema signing
US8707337B2 (en) * 2006-10-31 2014-04-22 Motorola Mobility Llc Dispatch API that permits midlets to initiate dispatch calls
DE102007022941A1 (en) * 2007-05-16 2008-11-20 Giesecke & Devrient Gmbh Method for executing software on a terminal
CN101534317B (en) * 2008-03-12 2012-05-23 北京华星广视数码技术服务有限公司 Server, mobile phone terminal and method and system for acquiring mobile phone terminal number
US8191150B2 (en) * 2008-03-28 2012-05-29 Sony Ericsson Mobile Communications Ab Method and arrangement relating to a communication device
US8869307B2 (en) * 2010-11-19 2014-10-21 Mobile Iron, Inc. Mobile posture-based policy, remediation and access control for enterprise resources
CN102594565B (en) * 2012-02-23 2015-06-03 汉柏科技有限公司 Identification method and system utilizing digital certificate identification encryption protocol
CN103858130A (en) * 2013-08-23 2014-06-11 华为终端有限公司 Method, apparatus and terminal for administration of permission
US9918226B2 (en) * 2013-12-30 2018-03-13 Apple Inc. Spoofing protection for secure-element identifiers
CN105659662B (en) * 2014-09-29 2019-10-18 华为技术有限公司 A kind of method and device of shunting
US9942747B2 (en) * 2015-08-07 2018-04-10 At&T Mobility Ii Llc Dynamic utilization of services by a temporary device
US10171537B2 (en) 2015-08-07 2019-01-01 At&T Intellectual Property I, L.P. Segregation of electronic personal health information
US10631192B2 (en) 2015-08-14 2020-04-21 At&T Intellectual Property I, L.P. Policy enforced intelligent persona manager
US10044780B2 (en) 2015-08-26 2018-08-07 At&T Intellectual Property I, L.P. Dynamic segregated secure data connection
CN105912954A (en) * 2016-05-16 2016-08-31 北京珠穆朗玛移动通信有限公司 Privacy information protection method and system suitable for mobile terminal
US11431512B2 (en) * 2019-10-16 2022-08-30 Microsoft Technology Licensing, Llc Cryptographic validation of media integrity
CN114676392A (en) * 2022-03-18 2022-06-28 北京百度网讯科技有限公司 Trusted authorization method and device for application and electronic equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5757915A (en) * 1995-08-25 1998-05-26 Intel Corporation Parameterized hash functions for access control
US6567917B1 (en) * 1999-02-01 2003-05-20 Cisco Technology, Inc. Method and system for providing tamper-resistant executable software
US20040127196A1 (en) * 2002-12-31 2004-07-01 Dabbish Ezzat A. Methods and apparatus for managing secured software for a wireless device

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5892904A (en) * 1996-12-06 1999-04-06 Microsoft Corporation Code certification for network transmission
US6292833B1 (en) * 1998-07-17 2001-09-18 Openwave Systems Inc. Method and apparatus for providing access control to local services of mobile devices
US6584321B1 (en) * 1999-05-07 2003-06-24 At&T Wireless Services, Inc. Method and apparatus for wireless data services over a selected bearer service
US6651063B1 (en) * 2000-01-28 2003-11-18 Andrei G. Vorobiev Data organization and management system and method
US7240364B1 (en) * 2000-05-20 2007-07-03 Ciena Corporation Network device identity authentication
US6941363B2 (en) * 2000-05-26 2005-09-06 Fujitsu Limited Transaction management system and program for configuring online shopping system
EP1626324B1 (en) 2000-09-21 2012-04-11 Research In Motion Limited Software code signing system and method
EP1225513A1 (en) 2001-01-19 2002-07-24 Eyal Dotan Method for protecting computer programs and data from hostile code
TW508933B (en) * 2001-04-23 2002-11-01 Inventec Appliances Corp Method for automatically switching SIM card of mobile phone and device therefor
US7920827B2 (en) * 2002-06-26 2011-04-05 Nokia Corporation Apparatus and method for facilitating physical browsing on wireless devices using radio frequency identification
US7274909B2 (en) * 2002-10-31 2007-09-25 Nokia Corporation Method and system for selecting data items for service requests
JP2004157703A (en) * 2002-11-06 2004-06-03 Hitachi Ltd Content protection system
US20040148343A1 (en) * 2002-11-29 2004-07-29 Dorron Mottes Method and system for a hosted MVNO platform and management
GB0228972D0 (en) * 2002-12-11 2003-01-15 Nokia Corp Downloading software applications
US8122136B2 (en) * 2002-12-18 2012-02-21 Cisco Technology, Inc. Methods and apparatus for providing security to a computerized device
US7296190B2 (en) * 2003-01-29 2007-11-13 Sun Microsystems, Inc. Parallel text execution on low-end emulators and devices
US7437149B1 (en) * 2003-03-24 2008-10-14 Sprint Spectrum L.P. Method and system for exchanging data between portable applications for mobile devices
US7079839B1 (en) * 2003-03-24 2006-07-18 Sprint Spectrum L.P. Method and system for push launching applications with context on a mobile device
US20050003810A1 (en) * 2003-05-28 2005-01-06 Sun Microsystems, Inc. Method and system for optimizing software program start-up time
US20040243519A1 (en) * 2003-06-02 2004-12-02 Nokia Corporation Prompted electronic mobile-service information communications with validation
EP1636693A1 (en) * 2003-06-25 2006-03-22 Nokia Corporation Method for obtaining communication settings using an application descriptor
US20050037732A1 (en) * 2003-08-12 2005-02-17 Motorola, Inc. Method and apparatus for locking a wireless communication unit to a selected network
WO2005045651A1 (en) * 2003-11-11 2005-05-19 Matsushita Electric Industrial Co., Ltd. Method for judging use permission of information and content distribution system using the method
US20060031681A1 (en) * 2004-08-05 2006-02-09 Motorola, Inc. Method and system for controlling access to a wireless client device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5757915A (en) * 1995-08-25 1998-05-26 Intel Corporation Parameterized hash functions for access control
US5940513A (en) * 1995-08-25 1999-08-17 Intel Corporation Parameterized hash functions for access control
US6567917B1 (en) * 1999-02-01 2003-05-20 Cisco Technology, Inc. Method and system for providing tamper-resistant executable software
US20040127196A1 (en) * 2002-12-31 2004-07-01 Dabbish Ezzat A. Methods and apparatus for managing secured software for a wireless device

Also Published As

Publication number Publication date
US9313214B2 (en) 2016-04-12
CN1993921A (en) 2007-07-04
US20060031941A1 (en) 2006-02-09
EP1776799A2 (en) 2007-04-25
EP1776799A4 (en) 2010-08-11
WO2006017757A2 (en) 2006-02-16
EP1776799B1 (en) 2017-11-01

Similar Documents

Publication Publication Date Title
WO2006017757A3 (en) Enhanced security using service provider authentication
US10447486B2 (en) Remote attestation of a security module's assurance level
WO2004027588A3 (en) Certificate based authorized domains
US9542568B2 (en) Systems and methods for enforcing third party oversight of data anonymization
Alexiou et al. Vespa: Vehicular security and privacy-preserving architecture
WO2006023116A3 (en) System and method for enabling device dependent rights protection
WO2007092651A3 (en) Trusted host platform
WO2007125486A3 (en) Improved access to authorized domains
WO2005096701A3 (en) System and method for enabling authorization of a network device using attribute certificates
FI981132A0 (en) Prevention of illegal use of service
CN102664885A (en) Identity authentication method based on biological feature encryption and homomorphic algorithm
WO2009155473A3 (en) Information rights management
DE60228554D1 (en) METHOD AND DEVICE FOR STORING CRYPTOGRESITZ AND SAFE DISTRIBUTION SAVED KEY TO BE AUTHENTICATED
KR20140138259A (en) Method, device, and system for identity authentication
US20150106898A1 (en) Method, device, and system for identity authentication
CN101764788B (en) Safe access method based on extended 802.1x authentication system
JP2009505196A (en) Protected software identifiers for improving security in computing devices
Gourkhede et al. Analysing security and privacy management for cloud computing environment
US9716707B2 (en) Mutual authentication with anonymity
Phan Service oriented architecture (soa)-security challenges and mitigation strategies
Topman et al. Mobile applications for connected cars: Security analysis and risk assessment
US20150100777A1 (en) Secure Federated Identity Service
Furtado et al. Threat analysis of the security credential management system for vehicular communications
Ulltveit-Moe et al. Mobile security with location-aware role-based access control
KR102055888B1 (en) Encryption and decryption method for protecting information

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REEP Request for entry into the european phase

Ref document number: 2005782711

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2005782711

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 200580026724.2

Country of ref document: CN

NENP Non-entry into the national phase

Ref country code: DE

WWP Wipo information: published in national office

Ref document number: 2005782711

Country of ref document: EP